golang開發問題

開發問題：
How to find out which types implement which interface in Golang?
How do you quickly find the implementation(s) of an interface in Golang?

Ctrl + Alt+b

Ctrl +b show usage

證書問題1：

2018/03/09 10:44:13 check userEcaCert signature:  x509: invalid signature: parent certificate cannot sign this kind of certificate

解決：

ecaCert.BasicConstraintsValid = true
ecaCert.IsCA = true
ecaCert.KeyUsage = x509.KeyUsageCertSign

證書問題2：

根證書、二級證書、三級證書都能通過https驗證都須要加上以上三個參數

D:\project>server.exe
2018/03/13 09:38:39 http: TLS handshake error from 127.0.0.1:56660: tls: failed to verify client's certificate: x509: certificate signed by unknown authority (possibly because of "x509: invalid signature: parent certificate cannot sign this kind of certificate" while trying to verify candidate authority certificate "usechaineca")

Cert := &x509.Certificate{
        SerialNumber: big.NewInt(1658),
        Subject: pkix.Name{
            Country: []string{"CN"},
            Organization: []string{"usechainEca"},
            OrganizationalUnit: []string{"eca"},
        },
        NotBefore: time.Now(),
        NotAfter: time.Now().AddDate(10,0,0),
        SubjectKeyId: []byte{1,2,3,4,6},
        ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
        BasicConstraintsValid: true,
        IsCA: true,
        KeyUsage: x509.KeyUsageDigitalSignature|x509.KeyUsageCertSign,
    }

若是是openssl生成的則須要客戶端證書改爲以下格式：

openssl genrsa -out client.key 2048
openssl req -new -key client.key -subj "/CN=client" -out client.csr
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 5000

改爲：
openssl genrsa -out client.key 2048
openssl req -new -key client.key -subj "/CN=client" -out client.csr
echo extendedKeyUsage=clientAuth > extfile.conf
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -extfile extfile.conf -out client.crt -days 5000